Sometime around 1999 I realized that there are many instances where you will want to browse the Internet without the ISP, hotel or even company you work for being able to see the sites you visit. This is not a unique idea and has now become almost a mainstream activity of security minded individuals. But, I wanted things to be simple so I created a small java program to do the client side work for me, that not only creates an ssh tunnel when the outbound port 22 is open, but can also work through a proxy or firewall that only allows SSL traffic through to the Internet.
Download Java SSH Tunnel Tool
What you need:
Server that has an SSH server and a proxy. (I am using the squid proxy)
Ability to enable SSH to listen to port 443 (simple sshd_config setting on linux using openssh)
If your company, hotel, etc uses an authenticated proxy. You will need to know the IP address of the proxy and the credentials used.
I am using a server that is hosted by linode.com. This server is a CentOS 5.4 server with a very basic linux install with openssh server and squid installed.
First you need to make sure that your ssh server is working. As long as you know it answers on port 22 as it does by default then you are ready to move on to the next step.
Make the SSH server listen on port 443.
Edit the /etc/ssh/sshd_config (location on CentOS 5.4)
Uncomment the line ‘#Port 22’ if it is commented.
Add line ‘Port 443’
Your sshd_config file should now have the following lines:
Port 22
Port 443
Restart the ssh server.
On CentOS: service sshd restart
On most other linux systems you can use: /etc/init.d/sshd restart
Try to connect to your ssh server on port 443
# ssh -l username -p 443 10.10.10.10 (substitute your username and IP address as appropriate)
If you can connect to your ssh server on port 443 then you are ready to go onto the next step.
Using the LiberSSH2.jar client.
Download the Java SSH client LiberSSH2.jar from here.
Run the LiberSSH2.jar file. This should work with Mac, Windows or Linux. The LiberSSH2.jar file is a runnable jar, so you should be able to just run it by double clicking.
If it does not run, then try the following ‘java -jar LiberSSH2.jar’
Detail information about the client fields:
Hostname: Server that is running your ssh server and proxy
Username: Username for above server
Password: Password for above username
Proxy Server: This is if you have a local proxy or firewall that you must use to get out to the internet.
Proxy Port: Proxy port that the above Proxy server uses.
Proxy Username: Username for the above proxy server. This is needed if your company proxy server uses an authenticated proxy server.
Proxy Password: Password for above Proxy Username
Local Port: This is the port that your tunnel will be bound to, so that when you hit this port on localhost (127.0.0.1) it will be directed over the tunnel to the remote port on your server on port 3128. (I will allow this to be changed in future releases)
Use Proxy checkbox: Check this if you have to use a proxy to get out of your current network (work environment).
Login Button: Press to login
Logout Button: Press to logout.